direnv: fix gpg keyserver

[sourcephile-nix.git] / servers / mermet / openldap / sourcephile.fr.nix

diff --git a/servers/mermet/openldap/sourcephile.fr.nix b/servers/mermet/openldap/sourcephile.fr.nix
index cbc3e99d58d4468b4427c49d29b129e170bbe599..d62346c9a052cdc0dc50e4ae0479c9dd2a0ff9fc 100644 (file)
--- a/servers/mermet/openldap/sourcephile.fr.nix
+++ b/servers/mermet/openldap/sourcephile.fr.nix
@@ -13,6 +13,10 @@ let
   posixAccount = pkgs.callPackage (import ./posixAccount.nix) { inherit domain domainSuffix domainGroup; };
 in
 {
+users.groups."${domainGroup}" = {
+  gid = 20000;
+  members = ["julm"];
+};
 # DEBUG: echo "$(nixops show-option mermet -d production services.openldap.databases."g".data)"
 services.openldap.databases."${domainSuffix}" = {
   # DEBUG: sudo ldapsearch -LLL -H ldapi:// -D cn=admin,cn=config -Y EXTERNAL -b 'olcDatabase={1}mdb,cn=config' -s sub
@@ -52,7 +56,6 @@ services.openldap.databases."${domainSuffix}" = {
       by * none
     olcAccess: to dn.sub="ou=posix,${domainSuffix}"
       by self read
-      by dn="gidNumber=${toString groups.nslcd.gid}+uidNumber=${toString users.nslcd.uid},cn=peercred,cn=external,cn=auth" read
       ${lib.optionalString (hasAttr postfix.user users) ''by dn="gidNumber=${toString groups.postfix.gid}+uidNumber=${toString users.postfix.uid},cn=peercred,cn=external,cn=auth" read''}
       ${lib.optionalString (hasAttr dovecot2.user users) ''by dn="gidNumber=${toString groups.dovecot2.gid}+uidNumber=${toString users.dovecot2.uid},cn=peercred,cn=external,cn=auth" read''}
       by dn="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
@@ -86,14 +89,20 @@ services.openldap.databases."${domainSuffix}" = {
     objectClass: top
     objectClass: organizationalUnit
 
+  ''
+/*
     dn: cn=${domainGroup},ou=groups,ou=posix,${domainSuffix}
     objectClass: top
     objectClass: posixGroup
     gidNumber: 20000
     memberUid: julm
-    memberUid: sevy
 
-  ''
+    dn: cn=autogeree,ou=groups,ou=posix,${domainSuffix}
+    objectClass: top
+    objectClass: posixGroup
+    gidNumber: 20001
+    memberUid: julm
+*/
   + lib.concatMapStrings posixAccount [ rec
     { uid = "julm";
       cn = "Julien Moutinho";
@@ -110,13 +119,8 @@ services.openldap.databases."${domainSuffix}" = {
         # bypassing IMAP because (neo)mutt support of IMAP is very bad
         # (can't even have a decent $folder_format (with %n or %m) working,
         # neither sorting them by date).
-        "maildir:${stateDir}/mail/${d}/${uid}/mail.d:LAYOUT=maildir++:UTF-8:CONTROL=${stateDir}/control/${d}/${uid}:INDEX=${stateDir}/index/${d}/${uid}";
+        "maildir:${stateDir}/home/${d}/${uid}/mail:LAYOUT=maildir++:UTF-8:CONTROL=${stateDir}/control/${d}/${uid}:INDEX=${stateDir}/index/${d}/${uid}";
     }
-    #{ uid="sevy"; uidNumber=10001; cn="Séverine Popek"; sn="sévy";
-    #  mailAlias = ["severine.popek" "ouais-ouais"]; }
-    #{ uid="nomail"; uidNumber=10002; mailAlias = ["noalias"]; mailEnabled = false; }
-    #{ uid="post"; mailForwardingAddress = ["ju@${domain}"]; }
-    #{ uid="host"; mailForwardingAddress = ["ju@${domain}"]; }
   ];
 };
 }